package com.xiye.eureka;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * @Package com.xiye.eureka
 * @Description spring boot 2.0高版本yml弃用
 * security:
 * basic:
 * enabled: true
 * 因新版security默认开启csrf，需新建配置类，关闭csrf
 * 否则会报Cannot execute request on any know server
 * @Author 西野
 * @Date 2018-06-08
 * @Version V1.0
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        /*解除不能iframe限制，后续如果不允许iframe在注释掉下面这行代码*/
        http.headers().frameOptions().disable();
    }
}
